Google and others back Internet of Things security push

Rather than becoming ubiquitous in homes as expected, the Internet of Things (IoT) has become the butt of jokes, in part because of major security and privacy issues. UK mobile chip designer ARM — which created the architecture used by Qualcomm, Samsung and others — has a lot to lose if it doesn’t take off. As such, it has unveiled a new security framework called Platform Security Architecture (PSA) that will help designers build security directly into device firmware.

ARM notes that “many of the biggest names in the industry” have signed on to support PSA (sorry ARM, that’s a bad acronym). That includes Google Cloud Platform, Sprint, Softbank, which owns ARM, and Cisco. (A complete list is shown in the image below.)

The main component of it is an open-source reference “Firmware-M” that the company will unveil for Armv8-M systems in early 2018. ARM said that PSA also gives hardware, software and cloud platform designers IoT threat models, security analyses, and hardware and firmware architecture specifications, based on a “best practice approach” for consumer devices.

Despite Intel’s best efforts, ARM is far and away the most prevalent architecture used in connected homes for security devices, light bulbs, appliances and more. ARM says that over 100 billion IoT devices using its designs have shipped, and expects another 100 billion by 2021. Improving the notoriously bad security of such devices is a good start, but it also behooves manufacturers to create compelling devices, not pointless ones.